Microsoft announced plans for a free consumer security product, codenamedMao on 18 November 2008.[4] It marked a change in Microsoft's consumer antivirus marketing strategy: Instead of offering a subscription-based antivirus with a host of other tools, such as backup and a personal firewall, Morro would be free for all genuine installations of Windows not intended for business use (with an exception for small home based businesses) and offers protection against all types of malware.[5]Microsoft Forefront would be offered alongside MSE, with central management tools not present in MSE.

Hardware requirements for MSE differ, depending on the operating system. For Windows XP, MSE requires at least a 500 MHzprocessor and 256 MB of RAM. On Windows Vista and Windows 7, MSE requires a 1 GHz processor and 1 GB of RAM. Under any compatible operating system, a VGA screen of 800 × 600 or higher, 140 MB of free space, and an Internet connection are also required.[9]

On 19 July 2010 Microsoft released the beta version of Microsoft Security Essentials 2.0. The key new features are: Updated protection engine, protection against web-based threats and a network intrusion detection system that works on Windows Vista and Windows 7.[10][11]

MSE is a security suite designed for consumers and lacks centralized management features which are found in Microsoft Forefront Client Security. It includes the same anti-malware engine (dubbed "Microsoft Malware Protection Engine", or MSMPENG for shortTemplate:Not in citation), and virus definitions that all other Microsoft desktop anti-malware products share, including Forefront Client Security, Windows Live OneCare, and Windows DefenderTemplate:Not in citation (Defender excludes the antivirus definitions which are separate from the antispyware definitions).[12] Before installation, MSE checks for the validity of the installed copy of Microsoft Windows. MSE requires no registration or personal information.[13] MSE will disable Windows Defender, as it provides protection against malware, not limited to spyware and adware.[3]

Using default settings, archived files are decompressed, and then scanned. File downloads and e-mail attachments are also scanned. Its Dynamic Signature Service attempts to better identify malicious files by checking for updates if an application exhibits suspicious behavior.[14] Before taking action against a suspect file, MSE prompts for user input. If no response is received in ten minutes, then the suspected malware is handled according to its default action, letting MSE determine what to do with the malware. System Restore points are created before removing found malware.[15]

MSE automatically checks for and downloads virus definition updates which are published three times a day to Microsoft Update.[16] Alternatively, users may download the updates manually from Microsoft Security Portal.[17]

Microsoft allows users to freely download, install and use Microsoft Security Essentials on an unlimited number of their computers in their households, so long as each computer has a genuine copy of Microsoft Windows. Microsoft Security Essentials checks for validity of the operating system during and after installation. If the operating system is found to be not genuine, Microsoft Security Essentials will notify the user of the issue, and may cease to operate after a period of time.[19]

Microsoft Security Essentials software license agreements also denies the user the right to reverse-engineer, hack, decompile or disassemble the software or to publish or disclose the results of benchmark tests of this software to third parties without prior written approval from Microsoft Corporation.[19]

On 19 November 2008, after Microsoft publicly announced Microsoft Security Essentials under the code-name "Morro", Symantec and McAfee shares fell 9.44 and 6.62 percent respectively. Microsoft shares also fell 6 percent. Amy Barzdukas, senior director of product management for the Online Services and Windows Division at Microsoft announced that Microsoft Security Essentials will not directly compete with other paid-for antivirus software; rather it was "focused on the 50 to 60 percent [of PC users] who don't have, or won't pay for, antivirus protection, antimalware protection".[20]

Symantec, McAfee and Kaspersky Lab, three competing antivirus vendors, dismissed Microsoft Security Essentials as a competitor, claiming that Microsoft Security Essentials is not as good as their own software.[21][22] Tom Powledge of Symantec claimed OneCare offered "substandard protection" and an "inferior user experience", implying MSE would be the same.[citation needed] Joris Evers, director of worldwide public relations for McAfee stated "With OneCare's market share of less than 2%, we understand Microsoft's decision to shift attention to their core business."[23] Justin Priestley of Kaspersky stated, "[Microsoft] continued to hold a very low market share in the consumer market, and we don't expect the exit of OneCare to change the playing field drastically."[23]

AVG Technologies however, viewed MSE positively. An AVG Technologies representative stated, "We view this as a positive step for the AV landscape. AVG has believed in the right to free antivirus software for the past eight years." Nevertheless, AVG raised the issue of distributing the software, "Microsoft will have to do more than simply make the product available."[23]

Despite its appreciation of Microsoft Security Essentials as a free product, AVG Technologies stated that integration of Microsoft Security Essentials with Microsoft Windows would be a violation of competition law.[24] McAfee and Sophos both affirmed that an antitrust lawsuit would surely have followed if Microsoft had bundled Microsoft Security Essentials with Windows.[25]

On 10 June 2009, Microsoft announced that a beta version of Microsoft Security Essentials would be released in a near future but did not specify a date; subsequently Microsoft shares grew by 2.1 percents. Both Symantec and McAfee shares fell by 0.5 percents and 1.3 percents respectively. Daniel Ives, an analyst with FBR Capital Markets said Microsoft Security Essentials would be a "long-term competitive threat", though near-term impact would be negligible.[2]

PC World noted its "clear-cut" and "cleanly designed" tabbed user interface. At the top of the main tab, the security status is clearly shown. The other three tabs allow users to manually update Microsoft Security Essentials, review its history, and change program settings. However, PC World found some of the settings to be cryptic and confusing. Settings, such as what to do when malware is found, default to "Microsoft Security Essentials' recommended action". There is no explanation of the recommended action except in the help file. The editor was also confused because Microsoft Security Essentials does not mention it automatically updates itself within the interface; some may believe they must manually update MSE through the "Update" tab.[27] However, this was included in the final release.

PC Magazine cited MSE's small installation package (about 7 MB, depending on the operating system) and its speedy installation. On the downside, the full installation occupied about 110 MB of disk space, and the initial update took 5 to 15 minutes. The editor also noted the fact MSE sets Windows Update into its fully automatic mode, which automatically downloads and installs updates although it can then be turned off again through the control panel. Installation succeeded on 12 malware-infected systems. Some full scans took over an hour on infected systems; however, a scan on a clean system took 35 minutes.[26]

According to Neil Rubenking, a PC Magazine author, in an on-demand scan test that he conducted, Microsoft Security Essentials Beta found 89 percent of all malware samples: It found only 30 percent of commercial keyloggers, 67 percent of rootkits and only half of scareware samples. The suite's real-time protection found 83 percent of all malware samples and blocked the majority of them: In this test, Microsoft Security Essentials found 40 percent of the commercial keyloggers and 78 percent of the rootkits.[26]

The popularity of Microsoft Security Essentials has led to the appearance of malware abusing its name. In February 2010, a rogue security package calling itself "Security Essentials 2010" appeared on the Internet. Designated TrojanDownloader:Win32/Fakeinit by Microsoft, it bears no visual resemblance to the Microsoft product but the legitimate and fake versions are aligned differently.[33][34] It reappeared in November 2010, this time calling itself "Microsoft Security Essentials 2011".[35] A more dangerous rogue appeared in October 2010. Designated Rogue:Win32/FakePAV or Unknown Win32/Trojan, it closely resembles Microsoft Security Essentials and uses sophisticated social engineering to deceive users and infect their systems, under the guise of five different fictional anti-malware products. It also terminates and prevents the launch of 156 different programs, including Registry Editor, Command Prompt, Internet Explorer, Mozilla Firefox, Opera, Safari and Google Chrome.[36][37][38]

Most of these take on the assumption that you are using the smooth rounding window effect, published originally in XP but showed up as early as Windows 2000/ME.

Show up as an image within a frameless window.

When the cursor is moved over from the desktop to the "window", the cursor changes from a arrow, or default image, to a hand image. This hand image is similar to how the cursor changes when viewing a website and moving over a hyper link.

A couple ways of protecting yourself from product spoofers, whether Microsoft or not, is to change the Theme of your desktop.

Instead of using the Aero styled themes (Vista/7) or Rounding effect (XP), as pictured. Change it to Windows Classic, which is the 95/98 styled theme.

This desktop theme change will not be as pretty but will help protect you from 80-90% of all the malicious products out there that make assumptions about the theme on your desktop.

Pay Attention to your "mouse"/Cursor when moving over the "window" to try and close it out. If your cursor changes from a arrow (or default image) to a Hand (or hyperlink styled image) then you need to either do a Soft Reboot, or Hard Reboot if you panic.

If the "window" is visible, then you already have Stage 1 of the software and performing the click finalizes the software installation, ie Stage 2 (via Javascript) and computer identification.

If you find yourself at or past Stage 2, you need to immediately disconnect you computer from the Internet/Network and perform a prompt "Delete *.*, Format C:, Reinstall". If you are not sure about this operation, then tke your computer immediately to a Computer Support company, in your town, or call your manufacturer of your computer (Dell, HP, etc), if still on a support plan, and advise either of them of the situation.